Email sending infrastructure (EML01) #39

New issue

Closed

opened 2026-04-21 20:52:20 +00:00 by frank · 1 comment

frank commented 2026-04-21 20:52:20 +00:00

Owner

Copy link

No email sending capability exists. No mail(), PHPMailer, or SMTP config.\n\nBlocks: password reset (AUTH01), purchase receipts (PAY07).\n\nOptions: PHPMailer + SMTP relay (Mailgun/SES/Postmark), or Resend. Need DKIM/SPF/DMARC on sending domain (EML02).\n\nLaunch readiness: EML01 BLOCKER

No email sending capability exists. No mail(), PHPMailer, or SMTP config.\n\nBlocks: password reset (AUTH01), purchase receipts (PAY07).\n\nOptions: PHPMailer + SMTP relay (Mailgun/SES/Postmark), or Resend. Need DKIM/SPF/DMARC on sending domain (EML02).\n\nLaunch readiness: EML01 BLOCKER

frank added this to the Launch Prep milestone 2026-04-21 20:52:20 +00:00

frank added the

infra

feature

priority:high

labels 2026-04-21 20:52:20 +00:00

frank referenced this issue 2026-05-05 15:29:03 +00:00

Self-service forgot-password flow (AUTH01) #35

frank changed title from BLOCKER: Email sending infrastructure (EML01) to Email sending infrastructure (EML01) 2026-05-05 15:30:26 +00:00

frank referenced this issue from a commit 2026-05-05 20:34:20 +00:00

feat: self-service forgot-password flow with Resend email (closes #35, #39)

frank commented 2026-05-05 20:38:50 +00:00

Author

Owner

Copy link

Done in commit c9391e2.

• New api/services/EmailService.php wraps the Resend API
• Reads RESEND_API_KEY, EMAIL_FROM, APP_URL from env
• Fails soft when key is unset (logs + returns false) so self-hosters without SMTP aren't broken
• Domain cookslate.app verified at Resend (DKIM + SPF + DMARC live in Cloudflare)
• First production use: forgot-password flow (#35)

Future transactional emails (Stripe receipts, etc.) just new EmailService()->send(...).

Done in commit c9391e2. - New `api/services/EmailService.php` wraps the Resend API - Reads `RESEND_API_KEY`, `EMAIL_FROM`, `APP_URL` from env - Fails soft when key is unset (logs + returns false) so self-hosters without SMTP aren't broken - Domain `cookslate.app` verified at Resend (DKIM + SPF + DMARC live in Cloudflare) - First production use: forgot-password flow (#35) Future transactional emails (Stripe receipts, etc.) just `new EmailService()->send(...)`.

frank closed this issue 2026-05-05 20:38:50 +00:00

frank referenced this issue 2026-05-05 20:38:50 +00:00

Self-service forgot-password flow (AUTH01) #35

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

master

No results found.

Labels

Clear labels   

bug

Something isnt working

  

deferred

Intentionally deferred, revisit later

  

documentation

Documentation improvements

  

enhancement

New feature or request

  

feature

New feature or capability

  

infra

Infrastructure, deployment, monitoring

  

integration

Third-party integrations and imports

  

marketing

Marketing, community, and outreach

  

priority:high

High priority

  

priority:low

Low priority

  

priority:medium

Medium priority

  

Pro

Pro/Household tier feature

  

security

Security-related item

  

UX

User experience improvement

No labels

bug

deferred

documentation

enhancement

feature

infra

integration

marketing

priority:high

priority:low

priority:medium

Pro

security

UX

Milestone

Clear milestone

No items

No milestone

Launch Prep

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

frank/cookslate#39

No description provided.